Startup Parity Technologies released a new version of the client that fixed a bug that could turn off computers running Ethereum nodes.
New Parity Ethereum release 2.5.7-stable / 2.6.2-beta protect against an RPC call vulnerability. Though the only nodes potentially affected are those who have manually enabled tracing or public-facing RPC, we recommend everyone to update. https://t.co/NaniWWTFS6
– Parity Technologies (@ParityTech) August 29, 2019
The first to discover the vulnerability and report it to Parity was Scott Bigelow, vice president of blockchain development at the Amberdata analytic startup. According to him, only a small part of Parity's customers are at risk.
“Vulnerability could cause an immediate failure of the Parity client ,” the expert noted. “ There is no way to steal funds or commit other malicious actions, but you can turn off some of the Ethereum nodes.”
Parity Technologies encouraged users to upgrade their clients to the latest version as soon as possible, especially those where the publicly available RPC and transaction history tracking module are activated.
Remote Procedure Call (RPC) is a protocol that allows you to request program data on third-party servers. In the blockchain industry, it is used to obtain information on balances at addresses, block numbers, and other information.
To date, the Parity client uses about 21% of nodes in the Ethereum network (3257, according to EtherNodes ).
Earlier, BlockchainJournal reported that the Ethereum hard fork called Istanbul could be ported due to the Parity team’s unwillingness to introduce key upgrades to the Ropsten test network at the indicated time.
Follow BlockchainJournal on Twitter !
BlockchainJournal.news
BlockchainJournal.news
